BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Some Identities Are Worth More Than Others

Posted September 23, 2011    Peter McCalister

We may be all created equal, but some identities are worth more than others. I’m not just talking about Mark Zuckerberg or Bill Gates being worth more than the average Mark or Bill working across the hall from you. It turns out that identity thieves target patient health information more than standard social security identities for good reason.

Yep, your medical identity is worth 50 times that of your social security number.

According to a recent AHIMA article titled Mitigating Medical Identity Theft, “Medical identity theft is a lucrative form of identity theft. A stolen Social Security number has an estimated street value of $1 per identity; the price of stolen medical identity information averages a much higher street value, at an average of $50 per identity.” The article goes on to say ”
The primary victim of medical identity theft is usually an individual—a patient, potential patient, health plan member, or healthcare consumer. Individuals who are particularly vulnerable include those with developmental or intellectual disabilities, minors, newborns, the elderly, and persons whose information may be included on public registries (e.g., cancer registry). Thieves often target the recently deceased.
Secondary victims include, but are not limited to, parties who generate, manage, use, or transfer individually identifiable health information. Examples include healthcare providers, health plans, and society as a whole.”

Rick Kam over at ID Experts also reported on this in his blog and made a number of suggestion on how to protect yourself that all center around implementing a least privilege solution and protecting your vital information assets from insider threats as well as those outsiders like Identy Thief Irene who will hijack insider privileges inorder to steal other identities.

Leave a Reply

Additional articles

flash-logo

Adobe Patches Zero-Day Flaw Being Exploited in the Wild

Posted January 22, 2015    BeyondTrust Research Team

Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 16.0.0.287 (included) is installed and enabled”…

Tags:
, , , , ,

Your Data Security Strategy Starts with Deploying a Least Privilege Model (part 2 of 2)

Posted January 22, 2015    Scott Lang

In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report…

Tags:
, , , ,
Larry-Brock-CISO

Basic Blocking and Tackling for Defending Against Advanced Targeted Attacks

Posted January 22, 2015    Larry Brock

With football season at its pinnacle at both the college and professional levels, the best teams continually focus on the fundamentals that make them successful. In security, we need to do the same.  It is okay for us to have a few key plays, especially in certain industries where we have to focus on unique…

Tags:
, , , , ,